I believe, as far as JWE is concerned, you can use this specific
algorithm only to get a content encryption key encrypted with a derived
key based on the provided password:
https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-40#section-4.8
The tests are here:
https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=rt/rs/security/jose/src/test/java/org/apache/cxf/rs/security/jose/jwe/JwePbeHmacAesWrapTest.java;h=4025cda93b58ab184c602874b8104cd38d4069a2;hb=HEAD
Most of the algorithms can be supported directly with the JAX-RS JOSE
filters but not this one yet. The test code shows the only way it can be
used for now
This page:
http://cxf.apache.org/docs/jax-rs-jose.html
will be completed in the next few weeks.
You can also try Jose4J
HTH, Sergey
On 11/02/15 12:11, Christopher Cheng wrote:
Thanks Sergey... You save my day if you do
On Wed, Feb 11, 2015 at 8:06 PM, Sergey Beryozkin <[email protected]> wrote:
Hi
On 11/02/15 12:03, Christopher Cheng wrote:
This is how I did in POJO. Could somebody help me how to do it with
CXF configuration?
String password = "1234567890123456";
String content = “abcdefghigklmnopqrstuvwxyz0123456789”;
byte[] raw = password.getBytes(Charsets.UTF_8);
SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, new IvParameterSpec(new
byte[16])); // zero IV
String encrypted = new
String(Base64.encodeBase64(cipher.doFinal(content.getBytes(Charsets.UTF_8))))
Are you trying to do JWE by any chance ?
I'll post you a code example shortly, working with a release issue right now
Sergey
